-
Notifications
You must be signed in to change notification settings - Fork 24
/
checksum-plugin.feature
175 lines (145 loc) · 5.37 KB
/
checksum-plugin.feature
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
Feature: Validate checksums for WordPress plugins
Scenario: Verify plugin checksums
Given a WP install
When I run `wp plugin install duplicate-post --version=3.2.1`
Then STDOUT should not be empty
And STDERR should be empty
When I run `wp plugin verify-checksums duplicate-post`
Then STDOUT should be:
"""
Success: Verified 1 of 1 plugins.
"""
When I run `wp plugin verify-checksums duplicate-post --format=json --version=3.2.1`
Then STDOUT should be:
"""
Success: Verified 1 of 1 plugins.
"""
And STDERR should be empty
When I try `wp plugin verify-checksums duplicate-post --format=json --version=3.2.2`
Then the return code should be 1
And STDOUT should contain:
"""
"plugin_name":"duplicate-post","file":"duplicate-post-jetpack.php","message":"File is missing"
"""
And STDERR should be:
"""
Error: No plugins verified (1 failed).
"""
Scenario: Modified plugin doesn't verify
Given a WP install
When I run `wp plugin install duplicate-post --version=3.2.1`
Then STDOUT should not be empty
And STDERR should be empty
Given "Duplicate Post" replaced with "Different Name" in the wp-content/plugins/duplicate-post/duplicate-post.php file
When I try `wp plugin verify-checksums duplicate-post --format=json`
Then STDOUT should contain:
"""
"plugin_name":"duplicate-post","file":"duplicate-post.php","message":"Checksum does not match"
"""
And STDERR should be:
"""
Error: No plugins verified (1 failed).
"""
When I run `rm wp-content/plugins/duplicate-post/duplicate-post.css`
Then STDERR should be empty
When I try `wp plugin verify-checksums duplicate-post --format=json`
Then STDOUT should contain:
"""
"plugin_name":"duplicate-post","file":"duplicate-post.css","message":"File is missing"
"""
And STDERR should be:
"""
Error: No plugins verified (1 failed).
"""
When I run `touch wp-content/plugins/duplicate-post/additional-file.php`
Then STDERR should be empty
When I try `wp plugin verify-checksums duplicate-post --format=json`
Then STDOUT should contain:
"""
"plugin_name":"duplicate-post","file":"additional-file.php","message":"File was added"
"""
And STDERR should be:
"""
Error: No plugins verified (1 failed).
"""
Scenario: Soft changes are only reported in strict mode
Given a WP install
When I run `wp plugin install release-notes --version=0.1`
Then STDOUT should not be empty
And STDERR should be empty
Given "Release Notes" replaced with "Different Name" in the wp-content/plugins/release-notes/readme.txt file
When I run `wp plugin verify-checksums release-notes`
Then STDOUT should be:
"""
Success: Verified 1 of 1 plugins.
"""
And STDERR should be empty
When I try `wp plugin verify-checksums release-notes --strict`
Then STDOUT should not be empty
And STDERR should contain:
"""
Error: No plugins verified (1 failed).
"""
Given "Release Notes" replaced with "Different Name" in the wp-content/plugins/release-notes/README.md file
When I run `wp plugin verify-checksums release-notes`
Then STDOUT should be:
"""
Success: Verified 1 of 1 plugins.
"""
And STDERR should be empty
When I try `wp plugin verify-checksums release-notes --strict`
Then STDOUT should not be empty
And STDERR should contain:
"""
Error: No plugins verified (1 failed).
"""
# WPTouch 4.3.22 contains multiple checksums for some of its files.
# See https://github.com/wp-cli/checksum-command/issues/24
Scenario: Multiple checksums for a single file are supported
Given a WP install
When I run `wp plugin install wptouch --version=4.3.22`
Then STDOUT should not be empty
And STDERR should be empty
When I run `wp plugin verify-checksums wptouch`
Then STDOUT should be:
"""
Success: Verified 1 of 1 plugins.
"""
And STDERR should be empty
Scenario: Throws an error if provided with neither plugin names nor the --all flag
Given a WP install
When I try `wp plugin verify-checksums`
Then STDERR should contain:
"""
You need to specify either one or more plugin slugs to check or use the --all flag to check all plugins.
"""
And STDOUT should be empty
Scenario: Ensure a plugin cannot filter itself out of the checks
Given a WP install
And these installed and active plugins:
"""
duplicate-post
wptouch
"""
And a wp-content/mu-plugins/hide-dp-plugin.php file:
"""
<?php
/**
* Plugin Name: Hide Duplicate Post plugin
*/
add_filter( 'all_plugins', function( $all_plugins ) {
unset( $all_plugins['duplicate-post/duplicate-post.php'] );
return $all_plugins;
} );
"""
And "Duplicate Post" replaced with "Different Name" in the wp-content/plugins/duplicate-post/duplicate-post.php file
When I run `wp plugin list --fields=name`
Then STDOUT should not contain:
"""
duplicate-post
"""
When I try `wp plugin verify-checksums --all --format=json`
Then STDOUT should contain:
"""
"plugin_name":"duplicate-post","file":"duplicate-post.php","message":"Checksum does not match"
"""